package com.jh.mms.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import com.jh.mms.util.Constants;


public class AuthorityFilter implements Filter {

	public void destroy() {

	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {

		HttpServletRequest req = (HttpServletRequest) request;
		
		String servletPath = req.getServletPath();

		System.out.println("ServletPath: " + servletPath);

		boolean pass = false;

		if (servletPath.startsWith("/images/")) {
			pass = true;
		} else if (servletPath.startsWith("/javascripts/")) {
			pass = true;
		} else if (servletPath.startsWith("/stylesheets/")) {
			pass = true;
		} else if ("/login.jsp".equals(servletPath)) {
			pass = true;
		}

		pass = true;

		if (pass) {
			chain.doFilter(request, response);
		} else {
			request.setAttribute(Constants.MESSAGE_TITLE, "操作出错啦！");
			request.setAttribute(Constants.MESSAGE_TEXT,
					":( 您没有权限访问该资源，如有疑问，请联系管理员！");
			request.getRequestDispatcher("/tips.jsp")
					.forward(request, response);
		}

	}

	public void init(FilterConfig config) throws ServletException {
	}

}
